Netsec Contract

Position: Senior Technology Engineer – Network and Security

Location: Dubai, UAE

Marc Ellis are looking for a Senior Network Security professional with wider skill set across Network
security, Networks and virtualization (Private Cloud), and Networks. The candidate should be able to
demonstrate stronger skill set and experience in network security domain, while having a good
knowledge and understanding of the network technologies in general.

Role
The candidate is expected to work on a new DC data center project focusing on network security
domain. The deliverables will require the candidate to take part in initial DC design discussions, HLD,
LLD. The candidate is not expected to lead the design phase but contribute towards the design from the
network security domain perspective as one of the key stakeholders in the overall DC design.
The new DC will be built using a private cloud virtualization platform either (VMware or OLVM)
depending on the final design. The incumbent is expected to hold good understanding and knowledge of
virtualization technologies at a high level. Any virtualization experience would be very helpful.
This opportunity is a mixture of design and hands-on role, which requires the candidate to be good at
both verticals. (Specially the hands-on part)

Job Description:
Network Security Skills

• Good understanding of network security architecture in enterprise network environments (Zero

trust networks)

• Good understanding of Application layer protocols

• Good understanding of TCP/IP protocol and its troubleshooting from a network security

perspective

• Good understanding of DDOS attacks and awareness of DDOS mitigation controls and tools

• Good understanding of IPS solutions, mainly Cisco source fire, Checkpoint IPS

NextGen Firewalls –

• Must have good knowledge and experience of Palo Alto, Checkpoint –

• Good knowledge and understanding of Palo Alto Panorama

• Good knowledge and understanding of Checkpoint security management appliances

• Optional: knowledge and experience of open-source firewalls such as OPNsense, PFsense

• Good understanding and experience of managing multi-factor authentication

• Good knowledge and experience of firewall management tools (Algosec, Tufin )

• Good knowledge or experience of firewall rules review / remediation-based projects







• Understanding of automation in general, any experience or involvement regarding firewall

policy change automation will be advantageous

Virtualization – Public / Private Clouds

• Good knowledge and experience of private cloud technologies (VMware, KVM, OLVM)

• Understanding of I.T terms, IaaS, PaaS, IaC

• Understanding of containers, Kubernetes PaaS environments in general

• Good to have public cloud experience across AWS, Azure or OCI

WAF – Web application Firewalls

• Good understanding of 3 tier application models

• Good understanding of HTTP and other web-based protocols

• Knowledge and experience of implementing F5 Big-IP LTM / GTM and ASM WAF features for

financial or other large organizations

• Optional: awareness and knowledge of other cloud based or on-premises WAF solutions

Web Proxy –

• Knowledge and experience of managing Bluecoat web proxy, DLP, web isolation, AV or any

other security controls

• Good to have knowledge and experience of Zscaler web proxy solution

Networking Skills (Routing/Switching)

• Good high-level understanding of network architectural designs (legacy 3-tiered model vs

leaf/spine)

• Good understanding of OSPF / BGP routing protocols

• Load balancers skills (Big-IP F5 knowledge/experience or any other opensource load balancers

(Haproxy, traefik etc.)

• Good understanding of CDN based service delivery using Akamai or Cloudflare

Governance:

• Good understanding and experience of change management within a major global Financial

Organization

• Good understanding and experience of ITIL framework relevant to incidents and problem

management

Management / Monitoring:

• Good understanding of industry best practices to plan and configure baseline configurations for

network security devices







• Good understanding of device monitoring via SNMP/ICMP using Solarwinds, NAGIOS, Icinga or

other similar NMS tool

Soft-Skills:

• Stakeholder management

• Self-leadership

• Effective Communication

• Transparency

• Sense of ownership

• Attention to details

• Willingness to progress